- An easier installation as a server role with all the necessary services being automatically installed with the role itself such as ASP.Net and IIS)
- Tighter integration with ActiveDirectory RMS (Rights Management Services)
- ADFS works with MOSS (Microsoft Office SharePoint Server) 2007 with an easy-to-configure single-sign-on configuration for both intranet and extranet/Internet sites
ADFS configuration is not so simple
Explaining ADFS is easy, but the design and configuration of ADFS is a tad bit more complicated than I've made it sound so far. The design reading alone can take forever because you need to determine what you are truly looking to accomplish, and there are several methods to reach those goals. For example, do you want a Web single sign-on implementation, a federated Web single sign-on implementation, or a federated Web single sign-on implementation with Forest Trust? Knowing your goal is the key to getting started.
The implementation side depends not only on your design solution but also on the Web application you are looking to provide access to. Is it a SharePoint, which already comes with claims-aware features, or will you create your own claims-aware application?
Obviously, the world hasn't been waiting for Microsoft to release a federated services product before realizing the need here. So, most likely you have seen or worked with other solutions for single sign-on or some other form of cross-site authentication trust. We would like to know what you are using and how it measures up to ADFS.